<?php
session_start();

if(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true)
{   
    if(isset($_SESSION['type']))
    {
        if($_SESSION['type'] == 'administrator')
        {
            $dbname = $_SESSION['database'];
			
			$username= $_SESSION['account_name'];
			$parent_lastname=strtoupper(addslashes(pg_escape_string($_POST['parent_lastname'])));
			$parent_firstname=strtoupper(addslashes(pg_escape_string($_POST['parent_firstname'])));
			$parent_middlename=strtoupper(addslashes(pg_escape_string($_POST['parent_middlename'])));
			$level=strtoupper(addslashes(pg_escape_string($_POST['level'])));
			$school=strtoupper(addslashes(pg_escape_string($_POST['school'])));
			$month=$_POST['month'];
			$day=$_POST['day'];
			$year=$_POST['year'];
            
			include('connection.inc');
            
			$sql ="select parents.parent_id, users.lastname, users.firstname, users.middlename from parents inner join users where parents.username = users.username where users.lastname='$parent_lastname' AND users.firstname='$parent_firstname' AND users.middlename='$parent_lastname' ";
			$result = pg_query($sql);
			$rows=pg_fetch_array($result);
			$parent_id=$rows['parent_id'];
				
                $sql="INSERT INTO students (parent_id, grade_level, school, username, date_enrolled) VALUES ('$parent_id','$level', '$school', '$username', to_date('$birthday $birthmonth $birthyear', 'DD MON YYYY'))";
				$result=pg_query($sql);
				$header('Location: manageaccounts.php');
        }
        elseif($_SESSION['type'] == 'student')
        {
            header('Location: studentindex.php');
            exit();
        }
        elseif($_SESSION['type'] == 'tutor')
        {
            header('Location: tutorindex.php');
            exit();
        }
        elseif($_SESSION['type'] == 'parent')
        {
            header('Location: parentindex.php');
            exit();
        }
    }
}
else
{
    header('Location: index.php');
}
?>
